Skip to main content
Glama
294,117 tools. Last updated 2026-07-13 11:21

"namespace:sh.xpay.mcp.price-sentinel" matching MCP tools:

  • Cloud- and night-independent Sentinel-1 C-band confirmation of forest disturbance. Intact forest scatters VV strongly + stably (canopy volume scattering); clearing collapses that term so VV backscatter DROPS ~3-5 dB. Samples VV at a baseline-year July-1 anchor and the latest scene, reports `vv_drop_db = baseline − recent` and a `disturbed` flag when the drop ≥ 3 dB (Reiche et al. 2018, RSE 204:147). Both VV reads are signed Primary facts; the response cites both fact_cids. Honest `inconclusive` when either S1 vintage is unavailable. Source: Microsoft Planetary Computer sentinel-1-rtc (anonymous SAS — no requester-pays, no API key). When to use: Call to corroborate or scout forest clearing where cloud blocks the optical products — radar sees through cloud and at night, catching wet-season clearing the annual Hansen/JRC-TMF layers and a single cloudy Sentinel-2 pass miss (the gap RADD was meant to fill). This is an ADDITIVE scout signal, NOT a standalone legal verdict: a VV drop can also be transient (soil moisture, harvest, flood recession), so confirm with the optical consensus (`emem_eudr_dds` or `emem_deforestation_alert`) before crediting a decision.
    Connector
  • Query verified U.S. annual retail electricity sales — billed MWh, revenue, and customer counts — by utility, state, and customer sector from EIA-861. Use this for "who sold how much power to whom" questions at the annual utility×state×sector grain: filter or group by `data_year`, `state`, `sector` (residential / commercial / industrial / transportation), `part`, `service_type`, `ownership`, `ba_code`, `data_type`, `eia_utility_id`, or `utility_name`. Pass filters inside the `params` object. Returns JSON aggregates with citations down to the exact stacked sector/measure cell, and optional row-level records when `include_records` is true. Defaults keep totals faithful: the in-row `total` sector block is excluded unless named explicitly (it duplicates the four sectors); EIA's state-level Adjustment (99999) and Withheld (88888) sentinel rows stay in state totals but are auto-excluded from any utility-keyed query; territories are excluded unless `included_in_default_us_metrics` is false. A result mixing service types carries a `service_type_mix` note quoting the file's own law — revenue sums Parts A,B,C,D but sales/customers sum A,B,D only (Part C delivery re-counts Part B energy). History spans data years 2016–2024, one annual census per year, each its own vintage. Reach an earlier year through `as_of`, not `data_year`: `as_of` resolves to the newest census at or before it (so `as_of` 2018-06-01 — or just 2018 — returns the 2018 census) and the response echoes that resolved `as_of`. `data_year` only filters within the resolved vintage, so `data_year` 2018 under the default `as_of` (latest = 2024) returns an empty scope, not 2018; the default serves 2024, a multi-year trend is one query per year, and an `as_of` before 2016 is refused, naming the floor. Does not determine hourly or peak load (sales are billed MWh over a year — use power.demand), facility-level or data-center-specific load, county-level detail, average retail price (cents/kWh — deferred), the ~1,700 small short-form (EIA-861S) utilities, or monthly freshness (this is the annual census, not the monthly EIA-861M sample).
    Connector
  • Predict the next-step value of 4 environmental scalars at a cell (`indices.ndvi`, `modis.lst_day_8day`, `modis.lst_night_8day`, `cams.pm25`) using a small learned dynamics MLP. Reads up to K=6 most-recent attested lags per band, runs them through an ONNX dynamics head (~200k params, CPU-fast), and returns a per-band {value, confidence, n_real_lags, via}. The receipt's `model` block carries `model_id`, `version`, `blake2b_hex` (model_cid), training/validation provenance, a top-level `skill_vs_persistence` block, and `honesty_warnings`, flagging `untrained_baseline` when the artifact is the zero-init sentinel and `NEGATIVE_SKILL` when the learned model is worse than persistence on real held-out NDVI. When the model does not beat persistence, bands with a real lag are returned from that lag tagged `via:persistence_fallback_negative_skill` (bands with no real lag fall back to labelled climatology). Distinct from v1 (`emem_jepa_predict`) which returns a single NDVI scalar via closed-form coefficients. When to use: Use when you want a short-horizon forecast of NDVI / land-surface temperature / PM2.5 at a cell grounded in its attested history. Returns 422 with a `/v1/backfill` hint when the cell lacks enough cached lags. Always read the receipt's `model.honesty_warnings` — `untrained_baseline` means the trivial 'predict last vintage' baseline (treat as no-op), and `NEGATIVE_SKILL` means the served values are the persistence fallback, not a learned improvement. Check each band's `via` field to see whether its value came from the learned model, persistence, or climatology.
    Connector
  • Measured ground motion (sinking/uplift) for a US address or lat/lon, in mm/year AND in/year, from NASA OPERA Sentinel-1 InSAR. Costs $0.40 from your SibFly credits; out-of-coverage / too-stale / too-low-confidence / fuzzy-geocode return FREE. Use the gate params to avoid paying for data you'd reject. dry_run=true is a FREE coverage+cost preview.
    Connector
  • True-colour Sentinel-2 L2A RGB thumbnail centred on a cell. PNG returned as a native MCP ImageContent block (mimeType image/png). Pure-Rust pipeline: STAC search + HTTP-Range COG reads + 2-98 percentile stretch + PNG encode. When to use: Call when the user wants a VISUAL of a place — 'show me what this looks like', 'before/after the flood', 'is there a forest here', 'is this developed'. Returns a 256×256 px RGB image (~2.56 km × ~2.56 km at S2's 10 m native resolution), centred on the cell. Pass `cell` as a cell64 string OR a place name (auto-resolved). `max_cloud` filters scenes by `eo:cloud_cover` (default 20 %); raise it (60–80 %) for cloud-prone tropics if you keep getting 'no scene' errors. `datetime` is an RFC 3339 interval like `"2024-01-01T00:00:00Z/2024-12-31T00:00:00Z"` for a temporal slice (defaults to last 90 days). `structuredContent` carries the STAC item id, capture time, cloud_cover, EPSG, and per-channel reflectance percentile stretch values used — quote those alongside the image so the receipt is reproducible.
    Connector
  • Per-band satellite-and-sensor fleet inventory — names the upstream platform (e.g. Sentinel-2A/B, MODIS Aqua/Terra, Landsat-8/9), revisit cadence, native resolution, and license for every materialized band. Lets an agent attribute imagery products correctly and pick the right band when revisit cadence matters. When to use: Call when the user asks 'which satellite is this from', 'what's the revisit time', or needs source attribution for a derived answer. Pair with emem_materializers for the wire path and emem_sources for the connector-level metadata.
    Connector

Matching MCP Servers

  • A
    license
    A
    quality
    C
    maintenance
    Enables static security audit of Solidity smart contracts by analyzing source code or deployed bytecode for vulnerabilities, providing risk scores and detailed findings.
    Last updated
    1
    MIT

Matching MCP Connectors

  • Primary Purpose: Resolves real-time pricing, token-costs, and unit-efficiency for 500+ AI/SaaS providers. Key Capability: Normalizes disparate billing units (GPU Hours, Credits, 1M Tokens) into a standardized "Cost-per-Generation" metric. Context: Essential for agents performing "Cost-Benefit Analysis" or "Automated Model Switching." Accuracy: March 2026 Ground-Truth (Verified via Exa Semantic Search).

  • Uptime, SSL, DNS and domain monitoring you can talk to from Claude or any MCP client.

  • Active grid encoding: cell64 ground resolution, lat/lng axis sizes, DGGS lineage. When to use: Call once at session start (or when the user asks about cell resolution / 'how big is a cell'). Returns the actual ground resolution today (~9.54 m × 9.55 m square at the equator (lat 21 bits × lng 22 bits, matching Sentinel-1/Sentinel-2 native pixel pitch). The cell64 bit layout reserves a resolution-tag field for future hierarchical refinement targeting H3-equivalent res-13 (~3.4 m) cells in v0.1.) and the spec target. Useful before you reason about whether one cell is enough or whether you need `emem_recall_polygon`.
    Connector
  • Audit GitHub Actions, GitLab CI/CD, Jenkins, CircleCI, Azure Pipelines, Bitbucket Pipelines AND Travis CI for security flaws BEFORE you merge or trust them — SEVEN CI ecosystems in one tool. Give it your CI config — the contents of .github/workflows/*.yml, your .gitlab-ci.yml, your Jenkinsfile, your .circleci/config.yml, your azure-pipelines.yml, your bitbucket-pipelines.yml and/or your .travis.yml (it auto-detects which CI system each file is) — and it returns a CRITICAL / VULNERABLE / RISKY / HARDENED verdict. GitHub Actions: script/expression INJECTION (attacker-controlled ${{ github.event.* }} — issue/PR title, body, comment, branch name, commit message, label name, fork repo identity — into run: or actions/github-script), following taint ACROSS steps.<id>.outputs.*, needs.<job>.outputs.*, env vars, matrix values, reusable-workflow inputs.* and composite-action interiors; pull_request_target / workflow_run 'pwn requests'; reusable-workflow misuse (untrusted data over workflow_call, 'secrets: inherit'); excessive GITHUB_TOKEN permissions; unpinned third-party actions incl. transitive supply chain (tj-actions/CVE-2025-30066 class); self-hosted-runner RCE; OIDC/id-token misuse; broken if: gates. GitLab CI/CD: injection from untrusted CI variables (CI_COMMIT_REF_NAME/BRANCH/TAG, CI_MERGE_REQUEST_TITLE/DESCRIPTION/SOURCE_BRANCH_NAME, commit message/author) interpolated into script:, following taint through variables: and extends: templates AND through remote/project include: files (cross-file, the included file's sinks are resolved & analyzed); secrets / broad CI_JOB_TOKEN / id_tokens (OIDC) exposed to fork merge-request pipelines; include: from untrusted remote/foreign-project sources not pinned to a SHA; rules/only/except that let a fork MR run privileged jobs without a manual gate; and artifact/cache POISONING where an untrusted job feeds bytes a privileged downstream job executes (cross-job & cross-pipeline). Jenkins (declarative + scripted Jenkinsfile): command INJECTION from untrusted input (build params.*, multibranch env.CHANGE_*/BRANCH_NAME, the GitHub PR-builder ghprb* vars like ghprbCommentBody, SCM commit data) interpolated into a sh/bat/powershell GString — following taint through pipeline/stage environment{} bindings; credential exposure (a credentials()/withCredentials secret printed with echo or baked into a shell GString, defeating log masking); Groovy evaluate()/Eval/load over untrusted input (sandbox bypass / RCE); approval-bypass (a privileged deploy/publish step reachable from a PR/comment build with no input() gate); and unsafe 'agent any' running untrusted PR code on a privileged executor. CircleCI (.circleci/config.yml): shell INJECTION from untrusted pipeline values (<< pipeline.git.branch >> / << pipeline.git.tag >> the attacker names, or a pipeline parameter set by an API/PR trigger) interpolated into a run: command; UNPINNED ORBS on a mutable version (@volatile / a bare major / dev: tag = supply-chain, the orb runs in your pipeline with your contexts); CROSS-FILE ORB INJECTION — an untrusted value passed to an orb-command parameter that the published orb's OWN source pipes into an internal run: sink (the orb's interior is resolved & analyzed, a flow a single-file scan can't see); fork-PR CONTEXT SECRET exposure (a job attaching an org context reachable from forked-PR builds without a type: approval gate); and missing approval gate before a privileged deploy job. Azure Pipelines (azure-pipelines.yml): macro INJECTION from untrusted predefined variables ($(Build.SourceBranch)/$(Build.SourceBranchName) the attacker names, $(System.PullRequest.SourceBranch) on fork PRs, $(Build.SourceVersionMessage) commit message) substituted into script:/bash:/pwsh: text, following taint through variables: bindings; UNTRUSTED TEMPLATES pulled from a foreign repository resource (runs in your pipeline with your secrets); CROSS-FILE TEMPLATE INJECTION — an untrusted value passed as a template parameter that the foreign template's OWN body pipes into an internal script:/bash: sink (the template interior is resolved & analyzed); fork variable-GROUP / secret exposure on PR-triggered pipelines; and unpinned repository resources on moving refs. Bitbucket Pipelines (bitbucket-pipelines.yml): shell INJECTION from attacker-named variables ($BITBUCKET_BRANCH / $BITBUCKET_TAG / $BITBUCKET_PR_DESTINATION_BRANCH, or a crafted commit message) expanded unquoted into a script: line in a default/pull-requests pipeline; SECURED / deployment-variable fork exposure (a PR pipeline reachable from external contributors that reads repository/deployment secrets); UNPINNED PIPES (a pipe: on :latest / a floating tag = supply-chain, the pipe runs in your step with your secrets); and ungated DEPLOYMENTS (a deployment: step with no trigger: manual reachable from PR/branch). Travis CI (.travis.yml): shell INJECTION from attacker-named TRAVIS_* variables ($TRAVIS_BRANCH / $TRAVIS_PULL_REQUEST_BRANCH / $TRAVIS_TAG / $TRAVIS_COMMIT_MESSAGE) expanded unquoted into a lifecycle hook (before_script/script/after_*); secure-env PR exposure (encrypted secure: vars present on a PR-buildable config that can leak to same-repo branch PRs / opted-in forks); and ungated DEPLOYS (a deploy: with no on: branch/condition gate that fires on any ref). HARDCODED SECRETS (all seven ecosystems): credentials committed verbatim in any CI config — AWS access key ids (AKIA/ASIA), GitHub tokens (ghp_/gho_/ghs_/github_pat_), GitLab/npm/Slack/Google/Stripe keys, PEM private keys, and generic high-entropy secrets assigned to secret-shaped keys — while correctly suppressing the SAFE indirect references (${{ secrets.X }}, $VAR, << pipeline... >>, $(Var), credentials('id'), Key Vault / vault refs) so you get the real leaks with zero false positives; evidence is redacted so the report never re-leaks the credential. OIDC CLOUD-TRUST MISCONFIGURATION (cross-domain, IaC): include your Terraform / CloudFormation / GCP workload-identity / Azure federated-credential and ci-sentinel models the CLOUD side of OIDC — the trust policy of the IAM role / pool / app that backs CI — and flags the catastrophic-but-common misconfigurations: a `sub` condition with a broad wildcard (repo:org/*, repo:*), NO sub condition at all (any workflow on the issuer can assume the role), a repo pinned but ref/environment UNpinned (any branch can assume), the bare `pull_request` subject (fork-reachable), or an unpinned `aud`. It then CORRELATES the IaC trust condition with the CI side (a workflow that mints id-token reachable from an untrusted trigger) and escalates to critical when the chain is reachable end-to-end — a flow no single-file CI linter catches because it spans the CI claim and the cloud trust policy. JENKINS SHARED LIBRARIES (@Library, cross-file): provide the library's vars/<name>.groovy bodies (sharedLibYmls) and ci-sentinel taints an untrusted pipeline value (a PR title / branch / build parameter) passed to a shared-library global-var step THROUGH the library's call() interior to an internal sh/bat sink — the Jenkins parity of orb/template/composite-action cross-file taint, invisible when reading only the Jenkinsfile — plus flags @Library imports pinned to a mutable ref (a branch / default version) as supply-chain risk. The deep tier returns every finding with file:line, the full taint path and a SARIF 2.1.0 report with codeFlows, uploadable to GitHub code scanning. Use it whenever reviewing, writing or accepting CI config. Heuristic static analysis, not a guarantee.
    Connector
  • DIFFERENTIAL CI/CD security check for a workflow/pipeline CHANGE — the tool a PR gate needs. Give it the BEFORE and AFTER state of your CI config (e.g. a pull request that edits .github/workflows/*.yml, .gitlab-ci.yml, a Jenkinsfile, .circleci/config.yml, azure-pipelines.yml, bitbucket-pipelines.yml, .travis.yml or an IaC OIDC trust policy) and it reports exactly which security findings the change INTRODUCES, REMOVES or AGGRAVATES, plus a single verdict: INTRODUCES_RISK (block the change), REDUCES_RISK (the change hardens CI) or NEUTRAL. It runs the full 7-ecosystem deep engine on both states and reconciles the two finding sets by a LINE-INDEPENDENT identity, so an edit that merely shifts line numbers does NOT look like it introduced/removed a flaw — only a REAL security change shows up. For every introduced finding you get the file:line, the taint path and the concrete fix to undo the risk; for removed ones you see what the change fixed. This is the answer your own agent can't compute by reading the after-state alone: it has no principled BEFORE→AFTER security delta. Use it on every PR that touches CI config — wire INTRODUCES_RISK to a failing status check. Provide each side as { files: {name: yaml} } (or { source } for one file). Premium: requires an API key (set CI_SENTINEL_KEY) or pays per call via x402. Heuristic static analysis, not a guarantee.
    Connector
  • Single-shot free-text answer about a real-world location, backed by signed satellite/elevation/water/built-up receipts. Forwards a place mention plus a question; runs the locate → recall → algorithm chain server-side; returns one packaged envelope. When to use: Use when the question concerns a specific real-world place and a packaged, citation-bearing answer is preferable to manual primitive composition. Forward the user's question verbatim as `q` plus the location as `place` (free text), `cell` (cell64), or `lat`+`lng`. The server resolves the location, classifies the question to a topic, recalls every relevant band (auto-materializing Sentinel-2 / Sentinel-1 / Cop-DEM / JRC GSW / Overture / weather on miss), surfaces the algorithm recipes that compose those bands into named scores, and returns a single envelope with `topic_routing`, `facts`, `algorithms_for_question`, an optional Sentinel-2 RGB scene URL, and a `caveats` block (grid resolution, revisit cadence). All facts are signed by the responder; the signed `receipt` (and its content-addressed `fact_cids`) is surfaced at the envelope ROOT — `response.receipt` / `response.fact_cids` — exactly like every other primitive, and is also mirrored under `facts_summary.receipt` for back-compat. Set `include_image: true` to bundle the latest cloud-free Sentinel-2 thumbnail. Out-of-scope questions return `topic_routing.matched_topic: null` plus the full inventory so the caller can route elsewhere.
    Connector
  • The unified bsp() function. Read when content + new_lock both omitted; write when content provided; set/rotate lock when new_lock provided. Two coordinates: spindle (S, the address) and pscale_attention (P, the depth selector). Shape derives from (S, P). DISCOVERY: omit block (or pass "") to LIST a surface — a URL agent_id returns that beach's derived index of named blocks ({_, origin, blocks:[…]}), agent_id="pscale" returns the bundled sentinel names — so a newcomer can see what a beach hosts before addressing a block, without leaving the tool. (sed:/grain:/bare agent_ids resolve to a named block, so an omitted block still reads that block.) Lock semantics: secret = proof of current authority; new_lock = target lock value (the two never overlap). See pscale://whetstone branch 2 for shape derivation, branch 3 for modifiers, branch 4 for storage. Substrate dispatch via agent_id prefix (sed:, grain:, ordinary).
    Connector
  • Build optimal parlay candidates from the latest persisted slate. Reconstructs the legs from `slate_prop_predictions` (the most recent slate run for `book`) and runs the parlay optimizer — it does NOT re-run the models, so this is read-only. Enforces a same-game cap (`max_correlation`) to limit correlated legs. Longshot guard: legs are required to clear `min_leg_prob` (default 0.50) — a pick'em leg should be more-likely-than-not. Without it the EV optimizer happily stacks 9-13% longshots (a huge payout × a tiny probability scores as "+EV") into lottery-ticket parlays that hit ~0.1% of the time and lean entirely on the model's least-reliable tail estimates. Lower it only to deliberately hunt longshots. Underdog uses per-leg payout multipliers (combined payout = product of legs). PrizePicks is priced by a FIXED table per entry size (2-pick=3x … 6-pick=25x); for book='prizepicks' the optimizer maximizes combined probability and `combined_payout` is the fixed entry multiplier (per-leg `payout_multiplier` is a sentinel, not a real price).
    Connector
  • Scan an MCP server (URL or raw manifest JSON) against Helixar's Sentinel detection rules. Returns risk score, findings, and a Claude-generated security brief. Quick mode is free + authless (top 8 rules); deep mode runs all 26 rules with an api_key.
    Connector
  • Entity relationship intelligence: finds all watchlist hits, traverses entity relation graph, screens connected entities, produces risk network map with composite scoring per node. Replaces 10-20 API calls + manual graph analysis. Costs $0.015 USDC via x402.
    Connector
  • Cross-border transaction pre-screening: checks sender + receiver against watchlists, evaluates jurisdiction risk, provides forex corridor rate, returns PROCEED/REVIEW/FLAG/BLOCK recommendation. Replaces 6 API calls. Costs $0.008 USDC via x402.
    Connector
  • Know Your Agent — ERC-8004 registry lookup + sanctions screening + signed JWT attestation for any wallet address. Returns agent registration status, operator wallet, screening results, and coldStartSignals. FREE.
    Connector
  • Fetch the least-cloudy Sentinel-2 L2A tile covering a given H3 cell from Microsoft Planetary Computer. Returns signed COG band URLs for all 6 Prithvi/Clay spectral bands (B02 Blue, B03 Green, B04 Red, B8A NIR, B11 SWIR1, B12 SWIR2), plus tile metadata. The tile is cached in memory for subsequent perception_classify or perception_embed calls.
    Connector
  • Run Prithvi-EO-2.0-300M-TL-Sen1Floods11 flood classification on a Sentinel-2 tile previously fetched by perception_fetch_tile. Sends the 6-band chip to a RunPod endpoint and returns: dominant_class, flood_pixel_pct, confidence, class_counts, and the full perception_chain. The perception chain is written to Spatial Memory and a signed audit breadcrumb is dropped to the agent trail.
    Connector
  • Screen a blockchain wallet address against sanctioned/blacklisted crypto addresses (OFAC SDN, USDT Blacklist, USDC Blacklist, Ransomwhere, OpenSanctions, UK OFSI). Costs $0.003 USDC via x402.
    Connector
  • Check whether a crypto address is safe to transact with. Screens OFAC sanctions + community scam lists and flags contract-vs-wallet. Returns verdict (safe/caution/avoid), 0-100 risk score, reasons, and sources.
    Connector